<?php

require "include/bittorrent.php";
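// Bootstrap: open the database connection, require a logged-in session and
// load the language strings ($lang_bans) used by this page.
dbconn();
loggedinorreturn();
require_once(get_langfile_path());

// Authorization gate: everything below (deleting and adding IP bans) is meant
// for administrators only. The message reads "Error" / "Insufficient permission".
if (get_user_class() < UC_ADMINISTRATOR) {
	stderr("错误", "权限不足");
	// Fail closed: stderr() is defined elsewhere and presumably ends the request,
	// but the GET delete handler below has no class check of its own, so stop
	// here explicitly instead of depending on that helper's behaviour.
	die;
}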

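// Remove-ban handler, reached through the "remove" links in the ban table
// (bans.php?remove=ID).
// A missing parameter, or an array such as remove[]=x (which a bare (int) cast
// turns into 1), is treated as "nothing to remove".
// NOTE(review): this state change is driven by a plain GET request and no
// anti-CSRF token check is visible in this file. Consider moving the deletion
// to a POST form carrying a per-session token.
$remove = (isset($_GET['remove']) && is_scalar($_GET['remove'])) ? (int) $_GET['remove'] : 0;
if (is_valid_id($remove)) {
	// $remove is an integer at this point, so it can be placed in the query as-is.
	// Escaping an unquoted value with mysql_real_escape_string() added no protection.
	sql_query("DELETE FROM bans WHERE id=" . $remove) or sqlerr();
	// Audit trail: record which ban id was deleted and by which staff member.
	write_log("封禁IP序号 " . $remove . " 被 $CURUSER[id] ($CURUSER[username]) 删除了", 'mod');
}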

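// Add-ban handler: an administrator submits the first and last IPv4 address of
// a range plus a free-text comment; the range is stored as two integers.
// NOTE(review): no anti-CSRF token is checked before the INSERT — confirm
// whether the shared include enforces one; if not, add a per-session token.
if ($_SERVER["REQUEST_METHOD"] == "POST" && get_user_class() >= UC_ADMINISTRATOR) {
	// Missing or non-string (array) fields count as empty instead of being handed to trim().
	$first = (isset($_POST["first"]) && is_string($_POST["first"])) ? trim($_POST["first"]) : "";
	$last = (isset($_POST["last"]) && is_string($_POST["last"])) ? trim($_POST["last"]) : "";
	$comment = (isset($_POST["comment"]) && is_string($_POST["comment"])) ? trim($_POST["comment"]) : "";
	if ($first === "" || $last === "" || $comment === "") {
		// "Error" / "Please fill in all fields"
		stderr("错误", "请填写全部选项");
		die; // do not continue even if stderr() were to return
	}
	$firstlong = ip2long($first);
	$lastlong = ip2long($last);
	// ip2long() returns false for a malformed address (PHP 5 and later). The
	// previous "== -1" test never matched false, so bad input fell through and
	// was interpolated into the INSERT as an empty value.
	if ($firstlong === false || $lastlong === false) {
		// "Error" / "Invalid IP address"
		stderr("错误", "错误的IP地址");
		die; // do not continue even if stderr() were to return
	}
	// sqlesc() is the project's SQL helper; presumably it quotes and escapes
	// the value — verify in include/bittorrent.php. The comment is stored
	// unmodified, so it must be HTML-encoded wherever it is rendered.
	$comment = sqlesc($comment);
	$added = sqlesc(date("Y-m-d H:i:s"));
	// Force the staff id to an integer: escaping alone does not make an
	// unquoted value safe, and the bare constant key `id` raised a notice.
	$addedby = (int) $CURUSER['id'];
	sql_query("INSERT INTO bans (added, addedby, first, last, comment) VALUES($added, $addedby, $firstlong, $lastlong, $comment)") or sqlerr(__FILE__, __LINE__);
	// Redirect after POST so that reloading the page does not resubmit the form.
	header("Location: $_SERVER[REQUEST_URI]");
	die;
}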

//ob_start("ob_gzhandler");

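// Load every ban, newest first, and render it as a table with a remove link per row.
$res = sql_query("SELECT * FROM bans ORDER BY added DESC") or sqlerr();

// Page title: "Banned IPs".
stdhead("禁止IP");

print("<h1>" . $lang_bans['head_current'] . "</h1>\n");

if (mysql_num_rows($res) == 0)
	print("<p align=center><b>" . $lang_bans['text_nothing'] . "</b></p>\n");
else {
	print("<table border=1 cellspacing=0 cellpadding=5>\n");
	print("<tr><td class=colhead>" . $lang_bans['text_addtime'] . "</td><td class=colhead align=left>" . $lang_bans['text_firstip'] . "</td><td class=colhead align=left>" . $lang_bans['text_lastip'] . "</td>" .
			"<td class=colhead align=left>" . $lang_bans['text_by'] . "</td><td class=colhead align=left>" . $lang_bans['text_comment'] . "</td><td class=colhead>" . $lang_bans['text_act'] . "</td></tr>\n");

	while ($arr = mysql_fetch_assoc($res)) {
		// The comment is free text stored as submitted through the add-ban form,
		// so encode it before it is embedded in the page (stored XSS otherwise).
		$bancomment = htmlspecialchars($arr['comment'], ENT_QUOTES);
		// The id ends up in an unquoted href attribute; keep it strictly numeric.
		$banid = (int) $arr['id'];
		// Array keys are quoted: the bare `added`/`first`/`last` forms were
		// undefined constants that PHP only tolerated with a notice.
		// gettime() and get_username() are project helpers; presumably they
		// return display-ready HTML — verify.
		print("<tr><td>" . gettime($arr['added']) . "</td><td align=left>" . long2ip($arr['first']) . "</td><td align=left>" . long2ip($arr['last']) . "</td><td align=left>" . get_username($arr['addedby']) .
				"</td><td align=left>" . $bancomment . "</td><td><a href=bans.php?remove=" . $banid . ">" . $lang_bans['text_remove'] . "</a></td></tr>\n");
	}
	print("</table>\n");
}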

// Add-ban form, shown to administrators only, followed by the page footer.
// NOTE(review): the form emits no hidden anti-CSRF token field, and the
// handler it posts to (bans.php) shows no token check in this file.
if (get_user_class() >= UC_ADMINISTRATOR) {
	// input name => language key of its label
	$banFormRows = array(
		'first' => 'text_firstip',
		'last' => 'text_lastip',
		'comment' => 'text_comment',
	);

	$banFormHtml = "<h1>" . $lang_bans['head_addban'] . "</h1>\n"
		. "<table border=1 cellspacing=0 cellpadding=5>\n"
		. "<form method=post action=bans.php>\n";
	foreach ($banFormRows as $banFormField => $banFormLabel) {
		$banFormHtml .= "<tr><td class=rowhead>" . $lang_bans[$banFormLabel] . "</td><td><input type=text name=" . $banFormField . " size=40></td></tr>\n";
	}
	$banFormHtml .= "<tr><td colspan=2 align=center><input type=submit value='" . $lang_bans['submit_add'] . "' class=btn></td></tr>\n"
		. "</form>\n</table>\n";

	print($banFormHtml);
}
stdfoot();
